package com.zqp.security.browser;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import org.springframework.social.connect.Connection;
import org.springframework.social.connect.web.ProviderSignInUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.request.ServletWebRequest;

import com.zqp.security.browser.support.SocicalUserInfo;
import com.zqp.security.core.properties.SecurityConstants;
import com.zqp.security.core.properties.SecurityProperties;
import com.zqp.security.core.support.SimpleResponse;

/**
* @author zqp
* @date 2017年12月21日 
* @description 可重用的登录controller 
*/
@RestController
public class BrowserSecurityController {
	
	private Logger logger = LoggerFactory.getLogger(getClass());
	//缓存请求
	private RequestCache   requestCache = new HttpSessionRequestCache();
	//跳转
	private RedirectStrategy  redirectStrategy  =new DefaultRedirectStrategy();
	
	@Autowired
	private SecurityProperties securityProperties;
	
	@Autowired
	private ProviderSignInUtils providerSignInUtils;
	
	/**
	 * 需要身份验证的时候 走这里
	 * @param request
	 * @param response
	 * @return
	 * @throws IOException 
	 */
	@RequestMapping(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
	@ResponseStatus(code=HttpStatus.UNAUTHORIZED)
	public SimpleResponse requireAuthentication(HttpServletRequest request,HttpServletResponse response) throws IOException {
		SavedRequest saveRequest = requestCache.getRequest(request, response);
		//请求的URl
		if(saveRequest !=null) {
			String redirectUrl = saveRequest.getRedirectUrl();
			logger.info("登录的请求是:"+ redirectUrl);
			if(StringUtils.endsWithIgnoreCase(redirectUrl, ".html")) {
				redirectStrategy.sendRedirect(request, response, securityProperties.getBrowser().getLoginPage());
			}
			
		}
		return new SimpleResponse("访问的服务需要身份验证:请到登录页面登录");
	}
	
	@GetMapping("/social/user")
	public SocicalUserInfo getSocialUserInfo(HttpServletRequest request) {
		SocicalUserInfo  userInfo = new SocicalUserInfo();
		Connection<?> connection = providerSignInUtils.getConnectionFromSession(new ServletWebRequest(request));
		
		userInfo.setProviderId(connection.getKey().getProviderId());
		userInfo.setProviderUserId(connection.getKey().getProviderUserId());
		userInfo.setNickname(connection.getDisplayName());
		userInfo.setHeading(connection.getImageUrl());
		return userInfo;
	}
	@GetMapping("/session/invalid")
	@ResponseStatus(code=HttpStatus.UNAUTHORIZED)
	public SimpleResponse sessionInvalid() {
		String message = "session 失效";
		return  new SimpleResponse(message);
	}
}
